Spam Accounted for 84% of Total E-Mails in November 2009

As per the data released by online security company Websense, 84% of mails in the month of November 2009 were spam and from that, 86% carried an embedded malicious URL.

Spammers have been using free shipping, free samples with purchase, combo packs and discounts as the marketing tactics to entice computer users. Besides, spammers have been selling forged branded watches, purses and other goods, making this holiday season a typical holiday season seen in previous years.

Like any other business owner, spammers have also been using the holiday season to raise their revenue. Halloween themed spam came in October 2009 and November 2009, and spammers exploited the US Veteran's holiday for their own benefits. Security experts have claimed that this trend will continue as attackers find the holiday season a great chance to dupe users shopping online.

Moreover, security researchers at Websense have discovered visa phishing campaign that attacks holiday shoppers who purchases gifts online. The attack tries to exploit the "Verified By Visa" program to target as many people as possible. The phishing mail directs the user to a fake web page that yields all the details the user gave to the card issuing bank at the time of sign up for the credit card.

A Facebook phishing attack has also been found that targets users' Facebook information. Once the user enters the username or password, he or she is shown an error message claiming an "incorrect mail/password combination".

The security researchers have commented that in 2010, a greater quantity of spam is expected. Attackers' use of Web 2.0 sites has been proven efficient in the past because of the increased level of trust users place on the platforms and other users. Websense expects that this trend will continue in 2010.

Therefore, the security researchers advise users to be careful of these attacks. The first move in curbing these attacks can be user's alertness. Secondly, users should use latest security software to protect their systems. Both the updated software and the awareness of users can prevent them from being trapped by these attacks.